National Cyber Security Centre
NCSC welcomes report into security of connected toys
Vulnerabilities in connected toys could potentially enable a stranger to talk to a child.
A report published by Which? yesterday (October 14) has reported vulnerabilities with the I-Que Intelligent Robot, Toy-fi Teddy, Furby and CloudPets cuddly toys.
A spokesperson for the National Cyber Security Centre (NCSC) said:
“We welcome this report and strongly urge manufacturers of connected devices to take every measure to ensure their products are safe to use.
“Companies must take this responsibility seriously and toy manufacturers need to catch up with the security processes that are embedded within the wider IT industry.
“Parents should be in no doubt that products their children use are safe. The Government’s Secure by Default Programme is helping to spread good practices and initiatives for companies to adopt. People who are worried about issues relating to a specific product should contact the manufacturers.”
- Manufacturers of internet-connected devices should ensure those devices have appropriate security measures built in and seek to ensure emerging technologies are secure by design.
- For device manufacturers, the NCSC has guidance around how to build devices that are Secure by Default. This guidance details some high-level principles that help to ensure that products are designed in a secure way.
Latest News from
National Cyber Security Centre
NCSC and partners issue warning about state-sponsored cyber attackers hiding on critical infrastructure networks08/02/2024 11:05:00
GCHQ’s National Cyber Security Centre and partners share details of how threat actors are using built-in tools to camouflage themselves on victims’ systems.
Business leaders urged to toughen up cyber attack protections24/01/2024 13:12:00
New guidelines to help directors and business leaders boost their resilience against cyber threats.
Exploitation of vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure15/01/2024 10:15:00
Organisations are encouraged to take immediate action to mitigate vulnerabilities affecting Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) gateways (CVE-2023-46805 and CVE-2024-21887), and follow the latest vendor advice.
UK exposes attempted Russian cyber interference in politics and democratic processes08/12/2023 10:29:00
The UK condemns Russia’s sustained attempts at political interference in the UK and globally.
UK and allies expose Russian intelligence services for cyber campaign of attempted political interference07/12/2023 14:25:00
The UK and allies call out the Russian Intelligence Services for a campaign of malicious cyber activity attempting to interfere in UK politics and democratic processes
NCSC launches Cyber Incident Exercising scheme06/12/2023 15:25:00
New CIE assured providers give organisations support to create structured table-top or live-play cyber incident exercises.
UK and Republic of Korea issue warning about DPRK state-linked cyber actors attacking software supply chains23/11/2023 16:05:00
Joint advisory observes cyber actors leveraging zero-day vulnerabilities and exploits in third-party software.
NCSC warns of enduring and significant threat to UK's critical infrastructure16/11/2023 10:05:00
The NCSC's seventh Annual Review raises awareness of the increasingly unpredictable threat landscape.